This timeline was developed over a period of years, with the hope that it
will be used to further the understanding of the subject. The data was gathered
from unclassified sources, mostly web sites and books. Hopefully it tells
an interesting story, even though it's far from complete. And, yes I realize,
has a rumor or two thrown in as well. A lot of information I have gathered
just couldn't be dated. I hope people will use the timeline to direct FOIA
requests and other information gathering exercises on the topic. Acoustic
TEMPEST information is mostly absent, as are military directives. This is
obviously a work in progress. If so desired, you have permission to incorporate
any/all parts of the timeline into your inherited TEMPEST pages.

No, Yardley and his people found that various electronic
devices used to handle classified information emanated information, and that
these emanations could be exploited to reconstruct the classified
materials.

1934 Communications Act gives equal opportunity to all to lawfully
use electromagnetic spectrum. It establishes Federal Communications
Commission(FCC); International Special Committee on Radio Interference(CISPR)
formed to determine measurements and limits of radiation frequency(RF) emissions.

1935 IBM markets electronic typewriter.

1940s Receivers shielded for local oscillator radiation to prevent
becoming beacons for enemy submarines in World War II.

1941 FCC authorizes black and white 525-line TV recommended by
FCC-established National Television System Committee(NTSC).

1943 First working programmable electronic computer(Colossus) is built
by British for breaking German High Command coding system.

1952 In a method similar to laser eavesdropping, KGB gets caught using
great seal in American embassy as bug, a technique further researched by
the KGB known as electromagnetic flooding method of interception. Technique
also included using such unintentional emanators like ordinary light bulbs
and electric circuits.

1953 FCC adopts RCA's color TV system; National Security Agency(NSA)
formed, with signal intelligence(SIGINT) its primary mission; COMSEC declared
national responsibility and COMSEC board is formed; intentional acoustic
TEMPEST performed on Whirlwind I computer at MIT over phone line. It is used
to determine program execution status.

Mid-1950s U.S. Government becomes concerned about TEMPEST and establishes
TEMPEST Program; Development of first TEMPEST standard - NAG-1A(General
Non-COMSEC Publication); Television manufacturers work on EMF problems in
set designs, especially in local oscillators. These problems are later exploited
by British to enforce TV licenses.

1957: IBM partners with ITT and Analex to develop the Selectric typewriter
into a special high volume terminal for inputting and outputting classified
information, including Top Secret and code-word materials. The terminal
is specially built to radically minimize any kind of emissions and replaced
the volume Teletype KSR units.

1958 U.S. Air Force begins Simulation for Air and Group Engagements(SAGE)
air defense system, using graphical terminals; British intelligence picks
up Russian London embassy radio's local oscillator's emanations up to 200
ft away to figure out tuned spy frequencies in Operation Rafter.

1960 Canadian Communications Security Board policy paper expands COMSEC
mission to include TEMPEST; British intelligence conducts HIJACK attack on
conducted signals generated by French diplomatic cipher machine(London) in
Operation Stockade, showing importance of red/black separation; FBI conducts
operation similar to Stockade against French embassy in Washington.

It is not called a "HIJACK Attack", but should be properly called a "HIJACK
Exploit", and since the Brits were not exploiting an intermodulation product
the moniker of HIJACK does not apply. HIJACK is based on the mixing of two
signals, the first signal (such as a cell phone) acting as a carrier for
the secondary signal (typically classified materials).

1964 Operation Stockade against French embassies in London and Washington
ends when French technicians install metal sheets and copper tubes in cipher
rooms; NSA 65-6 specification set for RF shielded enclosures for communication
equipment; NSA considers HIJACK when improving U.S. State Department COMSEC;
Teletype comes into widespread use.

Teletype was in widespread use back prior to 1958. I own one built in
1953 that came out of a government station.

1965 At a System Development Corporation conference of research security
administrators for classified systems, Jerome Russell of Lawrence Radiation
Lab discusses TEMPEST.

Mid/Late-1960s Military/intelligence standards established for
effectiveness of electromagnetic shielding enclosures; Naval Research Laboratory
works on TEMPEST, leading to national standards specifications.

Herbert Yardley actually had his research ripped off and absorbed into
the NRL several decade before this date.

1971 IBM begins measuring emanations of all its devices for
information-bearing radiation, a project that included Walter Tuchman of
Data Encryption Standard(DES) development; National Communications Security
Committee(NCSC) 4(National Policy on the Control of Compromising Emanations)
published. It is replaced by NTISSP 300; NACSEM 5106(Compromising Emanations
Analysis Handbook) published. It is replaced by NSTISSAM/2-91; KAG-30A/TSEC
(Compromising Emanations Standard for Cryptographic Equipment) published.

Mid-1970s Polish intelligence is caught by KGB intercepting power
line emanations from military building in Moscow; Soviet cipher machines
determined by KGB to be vulnerable to HIJACK attacks until replaced with
steel enclosures with noise generators(causing interference to televisions
as far as 1 mile away) and clean motor generators. Machines also determined
to be vulnerable because of recent KGB breakthroughs in flooding intercept
technology methods that included use of X-rays and radioactive isotopes.

1976 NACSEM 5202 published. It is replaced by NACSEM 5201.

1977 Germany discovers TEMPEST during exercise with NATO; Proposed
Federal Computer Systems Protection Act, as introduced in U.S. Senate, defines
TEMPEST as one form of computer access/penetration that should be unlawful.
It is never passed with this language.

1978 NACSEM 5201(TEMPEST Guidelines for Equipment/System Design)
published. It is cancelled by NSTISSC-041-93; NACSEM 5204 (Shielded Enclosures)
published. It is replaced by NSTISSAM/1-95; Iranian students "execute" a
Prime T3300 TEMPEST computer in U.S. embassy courtyard.

Wim van Eck's article is actually the source of most f the incorrect TEMPEST
information out there.

Late 1983, Zenith rolls out the Z-150 or Z-148 which eventually becomes
the first Desktop TEMPEST desktop computer to reach mainstream usage.

1984 National Communications Security Instruction (NACSI) 5004 (TEMPEST
Countermeasures for Facilities within U.S.) published. It is replaced by
NTISSI 7000; NACSI 5005 (TEMPEST Countermeasures for Facilities Outside U.S.)
published. It is replaced by NTISSI 7000; NSA publishes TEMPEST security
requirements for NSA contractors processing SCIF information; FCC requires
non-interference certification for microcomputers; Israeli government provides
shielded photocopy machines to spy Jonathan Pollard through Washington embassy
for reproduction of top-secret documents; Swedish government commission publishes
"Leaking Computers" booklet, a best-seller in the Swedish business community;
West German police apprehend Polish spy holding evidence of TEMPEST
eavesdropping; Wang Corporation sells an estimated $75 million in TEMPEST
products to U.S. military/military contractors; NSA becomes focal point and
manager of U.S. TEMPEST security and makes recommendations to NTSSC; U.S.
government/military agencies, including the Air Force and NSA, identify concept
of zoning.

1985 Iverson builds TEMPEST version of IBM PC for Operation TEMPEST;
Grid Federal Systems makes only NSA-approved portable TEMPEST computer using
a plasma display; Dutch scientist Wim Van Eck publishes an unclassified paper
on TEMPEST eavesdropping of up to 1 km after demonstrating it at Securicom
'85 in France, raising both awareness and furor in open security community
because of its ease and affordability by individuals. Others duplicate his
device; BBC's "Tomorrow's World" runs 5-minute TEMPEST demonstration(with
Wim Van Eck's help) on TV, introducing it to British public. Targets are
New Scotland Yard and an office in London; Prestigious and scholarly journal
"Computers and Security" discusses Van Eck radiation paper; Canadian Criminal
Amendment Act criminalizes TEMPEST reception; DOD "Yellow Book"(Secure System
Development Environments) deems TEMPEST outside its scope; NSA COMSEC publishes
"Procedures for TEMPEST Zoning Information - Processing Equipment, Systems,
and Facilities"; NSA public affairs director says they have been open and
have been charged with being open in assisting public sector with TEMPEST
protection standards.

Since 1969 the exploitation of "Compromising Emanations" has been illegal
in the United States.

1988 Sales of TEMPEST security systems and services estimated to reach
$2.9 billion by 1992; Endorsed TEMPEST Product List (ETPL) begins after
Industrial TEMPEST Program is restructured; NTISSP 300 (National Policy on
Control of Compromising Emanations) is published. It is replaced by NSTISSP
300; NTISSI 7000 (TEMPEST Countermeasures and Facilities) is published. It
is replaced by NSTISSI 7000; NSA infosec booklet "TEMPEST Alternatives Data
Book (including maps of zoned facilities)" published; BBC's second TEMPEST
demonstration on TV show "High Tech Spies" takes place. Targets are London
law offices and brokerage firms; Editor of "Computers and Security" journal
updates Van Eck information in "Abacus" journal and later in "Computers and
Security" journal; Consumertronics of New Mexico publishes plans for Van
Eck unit to general public, along with other information in booklet "Beyond
Van Eck Phreaking". Future revisions include Van Eck's actual plans; Ian
Murphy (Captain Zap) presents TEMPEST receiver plans;

No, Captain Zap did not publish any such plans, but was only providing
photocopies of van Ecks article and the Consumertronics raster analysis signal
generator while unemployed and working as a taxi driver. Ian Murphy (Captain
Zap) is and was a psychiatric patient and convicted felon with a long history
of fraud and being delusionary. He has spent half his life either in prison
or institutionalized.

First International Symposium on Electromagnetic Security for Information
Protection(SEPI) takes place in Italy; 1989 British central computer and
telecommunications agency publishes "TEMPEST:The Risk"; NSA drafts specification
for high performance shielded enclosures.

Late-1980s French army demonstrates TEMPEST to French government.

Actually it was November of 1979 when they did the demo.

1990s After German reunification, removed French army sells 50 TEMPEST
receivers at scrap value to unknown parties.

1990 British Computer Misuse Act explicitly excludes TEMPEST eavesdropping
as threat and states that it is legal; Professor Erhard Moller of Acchen
University in Germany publishes detailed update of Van Eck's work, with addition
of helpful protective measures; "Computers and Security" journal publishes
article by Peter Smulders of Eindhoven University of Technology on TEMPEST
eavesdropping of RS-232 cable; Christopher Seline publishes evaluation of
American laws, pertaining to TEMPEST, on Internet; National Security
Telecommunications and Information Systems Security Committee (NSTISSC) TEMPEST
Advisory Group (TAG) group formed to streamline national-level TEMPEST
activities, which leads to updated standards; "EMP and TEMPEST Protection
for Facilities" published by U.S. Army Corp of Engineers.

1991 First American broadcast of electromagnetic eavesdropping is
shown on Geraldo Rivera's "Now! It can be told" show, performed by Winn
Schwartau; Jim Carter, in coordination with Benjamin Franklin Savings and
Loan, demonstrates successful attack on Diebold ATM machine using TEMPEST;

The above is a fantasy, all they did have the reconstruction of a composite
video signal from a defective monitor. Anybody standing within 15 feet of
the monitor could have seen the same information with the naked eye, and
at no time was any confidential information obtained.

Basically, it was a staged hoax. They operated the equipment inside the
near field of the ATM, and the majority of the shielding and gorunding on
the ATM had been removed. It was a hoax.

It was the FCC that harassed them, as they were trying to sell something
to the public that didn't have the required FCC paperwork to cover it to
ensure that it didn't cause interference to other radio devices. The product
was so poorly built that is screwed up radio traffic at the local airports,
and screwed up the ILS/Navigation systems at the runway.

Winn's book was little more then clueless ramblings plagiarized from other
authors who in turn had no idea what they were talking about. It is a classic
case of the blind leading the blind who where then trying to pick the pockets
of other blind people.

1995 Internet Underground magazine publishes article about TEMPEST
capers in New York using DataScan device. After U.S. Army starts buying device,
Pentagon requests that sales outside Army stop and it is agreed to;

The above is a total falsehood.

The company in question never sold any of these units to the Army.

The person who was claiming to be making the DataScan is a well known
con artist and charlatan who was eventually criminally prosecuted on felony
charges by the government, and eventually banned from doing any kind of business
with he government due to extensive fraud.

The Discovery Channel actually pulled the piece when they found out the
demonstration was rigged.

1997 Hacking in Progress(HIP) conference has analog TEMPEST setup
on display; WANG Corporation releases new,cost-effective TEMPEST PC and
printer(Datadefense Secure) in response to recent network security concerns;
TEMPEST techniques against smartcards are discussed at Eurocrypt '97; Steve
Jackson's GURPS Black Ops game includes TEMPEST surveillance devices as equipment
option; WANG Corporation awarded a U.S. Government Systems Acquisition and
Support Services contract (SASS II) for TEMPEST and Zone secure systems and
maintenance valued at $105 million over 5 years 1998 "Soft TEMPEST" software
techniques (sent for patent), videofonts used to discourage monitoring, published
by well-known computer security experts Markus Kuhn and Ross Anderson, surprising
many in TEMPEST field. PGP 6.0.2 and Steganos II incorporate Soft TEMPEST
fonts; James Atkinson claims Frank Jones and his Datascan device are a fraud,
as are most other commercial devices.

Frank Jones is convicted in Federal Court of a serious felony, and in
revenge attempts to launch a series harassment lawsuits which all get thrown
out of court as being frivolous.

1999 TEMPEST intercept equipment headed for Vietnam from U.S. is stopped
by FBI and U.S. Customs in Virginia and man sentenced to prison; NSA only
releases redacted NSTISSAM/1-92 in FOIA request by John Young for all TEMPEST
standards information; FBI agent admits use of TEMPEST monitoring by agency
as possible investigative technique while participating in MIT panel discussion
of Whitfield Diffie's book "Privacy on the Line."

Late-1990s Department of Energy's Oak Ridge National Laboratory develops
Video Intercept Receiver, a compact TEMPEST receiver used for field testing.

The ORNL was actually just based on the Micro-tel VDA-60, and the Kaiser
RAS-515 raster analysis systems, both of which date from the early 80's.

2001 In Kyllo v. US, U.S. Supreme Court rules against unwarranted
infrared detection by law enforcement against private homes; Nine more redacted
government TEMPEST documents are released.

2001 The Wall Street Journal runs a front page article on TEMPEST
interception, and then is savaged for "shoddy journalism" by other media
outlets when it is discovered that most of the article is complete
fantasy. Frank Jones probation officer receives a severe reprimand
from his superiors for overlooking multiple serious probation violations.